Configure Local DNS Server using Dnsmasq on Ubuntu 20.04

Welcome to our tutorial on how to install and configure local DNS Server using Dnsmasq on Ubuntu 20.04. “Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP server. It is designed to provide DNS and optionally, DHCP and TFTP, to a small network. It can serve the names of local machines which are not in the global DNS“.

If you want to save yourself the hustle of having to configure the DNS server the BIND9 way, using Dnsmasq is the simplest and quickest way to get your local DNS server up and running.

In this setup, therefore, we will be configuring Dnsmasq as our local caching DNS server to speed to the local DNS resolution.

Configuring Local DNS Server using Dnsmasq on Ubuntu

Run System Update

Update your system package cache;

apt update

Install Dnsmasq on Ubuntu 20.04

Dnsmasq is available on the Ubuntu 20.04 Universe repos. However, before you can install dnsmasq on Ubuntu 20.04, disable Systemd-resolved service (system service that provides network name resolution to local applications).

systemctl disable --now systemd-resolved

Remove the default resolv.conf file and create a new one with your custom DNS server details to enable you do the installation.

rm -rf /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf

Once that is done, Dnsmasq can be installed by running the command below;

apt install dnsmasq
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  dns-root-data dnsmasq-base libidn11
Suggested packages:
  resolvconf
The following NEW packages will be installed:
  dns-root-data dnsmasq dnsmasq-base libidn11
0 upgraded, 4 newly installed, 0 to remove and 73 not upgraded.
Need to get 382 kB of archives.
After this operation, 1,155 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

This installs and starts and enables Dnsmasq service to run on system boot.

systemctl status dnsmasq
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
     Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2020-10-06 19:12:31 UTC; 15s ago
   Main PID: 17726 (dnsmasq)
      Tasks: 1 (limit: 2282)
     Memory: 868.0K
     CGroup: /system.slice/dnsmasq.service
             └─17726 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,e>

Oct 06 19:12:31 ubuntu20 systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Oct 06 19:12:31 ubuntu20 dnsmasq[17705]: dnsmasq: syntax check OK.
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: started, version 2.80 cachesize 150
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: DNS service limited to local subnets
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfi>
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: reading /etc/resolv.conf
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: using nameserver 8.8.8.8#53
Oct 06 19:12:31 ubuntu20 dnsmasq[17726]: read /etc/hosts - 7 addresses
Oct 06 19:12:31 ubuntu20 systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.

Configuring Local DNS Server using Dnsmasq

Once Dnsmasq is installed, you can now proceed to configure it as the local caching DNS server on Ubuntu 20.04. /etc/dnsmasq.conf is the default Dnsmasq configuration file. To configure dnsmasq therefore, you need to edit the /etc/dnsmasq.conf file.

First off, create a copy of the configuration file;

cp /etc/dnsmasq.conf{,.bak}

Next, open the configuration file for editing;

vim /etc/dnsmasq.conf

The file is well commented and all configuration options are self explanatory.

To begin with, set the port on which Dnsmasq will listen for DNS requests. This defaults to port 53 UDP by default. You can as well explicitly set the port using the port option.

port=53

Disable forwarding of names without a dot or domain part;

domain-needed

Disable forwarding of addresses in the non-routed address spaces;

bogus-priv

Define an interface (eg, interface=enp0s8) or the IP address (e.g, listen-address=192.168.x.x) on which the Dnsmasq can listen for the DNS requests. This usually defaults to the loopback address. In this setup, we set the Dnsmasq to respond to both internal and external DNS requests via a loopback and non-loopback interface IP.

listen-address=127.0.0.1,192.168.57.3 

Replace you interface IP address accordingly.

Enable Dnsmasq to automatically append the domain part to the simple names;

expand-hosts

Set the domain for dnsmasq to append to simple names;

domain=kifarunix-demo.com

Adjust the size of the cached domain names. The default is 150.

cache-size=1000

The above configuration options are enough for the basic local caching DNS server using Dnsmasq.

Without comment lines, this is how our Dnsmasq configuration file looks like;

port=53
domain-needed
bogus-priv
listen-address=127.0.0.1,192.168.57.3
expand-hosts
domain=kifarunix-demo.com
cache-size=1000

Save and exit the configuration file once done making changes.

Add the Dnsmasq DNS server IP on /etc/hosts file

Next, add the Dnsmasq IP address as the primary DNS server on the /etc/resolv.conf.

sed -i '1i nameserver 192.168.57.3' /etc/resolv.conf

The /etc/resolv.conf now looks like;

cat /etc/resolv.conf
nameserver 192.168.57.3
nameserver 8.8.8.8

Add local DNS Records to Dnsmasq Server

Add local DNS entries on the Dnsmasq server /etc/hosts file.

echo -e “192.168.57.19 centos8.kifarunix-demo.com\n192.168.57.6 ubuntu18.kifarunix-demo.com” >> /etc/hosts

Do the same for your other local domain names.

Restart Dnsmasq

Run Dnsmasq configuration check;

dnsmasq --test
dnsmasq: syntax check OK.

Restart Dnsmasq;

systemctl restart dnsmasq

Confirming Port 53;

netstat -alnp | grep -i :53
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      18313/dnsmasq       
tcp6       0      0 :::53                   :::*                    LISTEN      18313/dnsmasq       
udp        0      0 0.0.0.0:53              0.0.0.0:*                           18313/dnsmasq       
udp6       0      0 :::53                   :::*                                18313/dnsmasq

Note that dnsmasq binds to the wildcard address, even when it is listening on only some interfaces. This has the advantage of working even when interfaces come and go and change address.

Open DNS Port on UFW

If UFW is enabled, open the DNS port 53, UDP.

ufw allow from 192.168.0.0/16 to any port 53 proto udp

Update your source network accordingly.

Verify DNS resolution

Local domain resolution;

dig ubuntu18.kifarunix-demo.com +short
192.168.57.3

External DNS resolution;

dig google.com +short
216.58.223.110

Configure DNS Server on Remote Clients

Now that the Dnsmasq is ready to server out both DNS local and external queries via the local DNS server, update the DNS entry for the clients on the /etc/resolv.conf.

echo "nameserver 192.168.57.3" > /etc/resolv.conf

Replace the Dnsmasq IP accordingly.

Perform local dns queries;

dig ubuntu18.kifarunix-demo.com
; <<>> DiG 9.11.13-RedHat-9.11.13-6.el8_2.1 <<>> ubuntu18.kifarunix-demo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57550
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ubuntu18.kifarunix-demo.com.	IN	A

;; ANSWER SECTION:
ubuntu18.kifarunix-demo.com. 0	IN	A	192.168.57.3

;; Query time: 1 msec
;; SERVER: 192.168.57.3#53(192.168.57.3)
;; WHEN: Tue Oct 06 00:20:02 EAT 2020
;; MSG SIZE  rcvd: 72

Now, let us time the DNS queries using the drill utility. To use this tool, you need to install ldns-utils package on CentOS or ldnsutils package on Ubuntu. Assuming the packages are installed, use drill utility to verify DNS caching;

First time query run;

drill google.com | grep "Query time"
;; Query time: 25 msec

Second time query;

drill google.com | grep "Query time"
;; Query time: 1 msec

Hurraaay!! the Dnsmasq is now configured and running a local caching DNS server.

Related Tutorials

Setup Caching-Only DNS Server using BIND9 on Ubuntu 20.04

Configure BIND DNS Server using Webmin on CentOS 8

Setup Bind DNS Using Webmin on Debian 10

Configure BIND as Slave DNS Server on Ubuntu 18.04

How to Setup Master-Slave DNS Server using BIND on CentOS 7

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
gen_too
Co-founder of Kifarunix.com, Linux Tips and Tutorials. Linux/Unix admin and author at Kifarunix.com.

3 thoughts on “Configure Local DNS Server using Dnsmasq on Ubuntu 20.04”

  1. Not sure stopping/disabling systemd-resolved is the best way with Ubuntu 20.04, causes issues. Have you tried this recently? Adding ‘bind-dynamic’ or ‘bind-interfaces’ to dnsmasq.conf allows you to run systemd-resolved (in is standard config) alongside dnsmasq.

    Reply

Leave a Comment